AgileBits in Toronto offers 1Password, a password manager available to both private individuals and businesses, touting a unique approach to multi-factor authentication to improve security.
$2.99
per month
JumpCloud
Score 9.0 out of 10
N/A
JumpCloud Directory-as-a-Service® is a cloud-based platform that enables IT teams to securely manage user identities and connect them to resources they need regardless of provider, protocol, vendor, or location. Directory-as-a-Service gives organizations a single pane of glass to manage users and systems. It allows administrators to grant users secure access to resources with protocols and access controls. It also includes APIs, tools, and integrations to maximize administrative flexibility and…
I've described how I use it to manage confidential client logins for the websites I develop for them. Every site has a myriad of things that need logins - from setting up their domain name and hosting, to building the WordPress site, to getting them set up with email and maintaining their sites. When I need to provide IT support to our staff, I have my phone right there to log in to their computers to address the issues. When I want to order cookies from Amazon or check my home's security camera settings, it's there for personal needs as well. There are sharing features that I haven't explored enough to be comfortable with setting up for staff. They may be just great, but it is a place where I personally don't make use of the program.
JumpCloud is least suited in situations where you have few devices, but lots of users. JumpCloud heavily focuses on the "One-User-One-Device" type of use, and does lack some of the features things like Active Directory is better suited for when having multiple users accessing one machine. Their Powershell APIs are fantastic and getting only more powerful. Lots of features are hidden behind these APIs, so admins not as familiar with Powershell would have more issues leveraging these tools. BYOD deployments are amazing, especially for macOS devices that are using Apple Business Manager and can leverage Zero Touch deployments. It is especially good at handling mixed systems, whereas other options, such as Jamf, are really suiting only for macOS, or Intune is more suited for Windows; JumpCloud managed to handle both systems well.
1Password's Watchtower service is a real value add - 1Password monitors the security news for evidence of security breaches containing your credentials and alerts you if you have been impacted. That is a huge value as it enables you to get out in front of a security breach and be proactive in protecting yourself.
1Password's core strength is that it makes it easy to practice good security hygiene by using strong, unique passwords for each site you interact with. This is something that all password managers do now, but offering an easy experience is key.
1Password's password sharing features makes it easy to share team credentials with other team members, and to decide who amongst the team gets access to the designated credentials.
User Management - The ability to control our users and set password/polices is made easy in the JC console
Device Management - Using JC each user is assigned to their own device with only the rights to do their job - When elevated rights are required, this is done simply via the JC console for the period of time required
SSO - Using JC's SAML SSO integrations we are building out our SSO offering and this is making for a much simpler daily user experience
1Password is so secure, that it lacks a self-managed "forget your password" functionality which means that as a manager, I have to approve password resets which may slow down some users.
On Chrome, the extension sometimes stops working when the browser is updated.
SSO via OpenID - Opening up their SSO from just SAML to including OpenID (OAuth) would allow us to make more use of the service and to also incorporate it into some internal testing suites
Time Limited User Elevation - The ability to time limit a users elevation of privileges would be a great addition
Extending device management to include LPA - Least Privilege Access is becoming a bigger ask from our external auditors - Being able to do this via JC would be amazing
The 1Password app design is top notch, much better than a couple other password managers I've looked at. The app and service are very flexible, allowing for many different types of data storage. The browser extensions generally work very well, allowing for easy access to login information while using pretty much any modern web browser.
It's simple. I like how JumpCloud keeps things simple. Similar to Apple's ecosystem, they give you what you want with some extra features and bells and whistles but it doesn't take a large instruction manual to use it. They have the support system and KB articles to back up their product and learn about a feature and how to implement it
I have never had any issues with 1Password and they have always been able to answer my questions adequately resolve my issues. Furthermore, they have a robust peer forum that can be accessed. They have helpful "Get to know Apps", videos and many articles to assist in the process of using the product.
I have rarely contacted support. When I have, the responses were within expected time frames, and easy to access. Community support is incredible, both from the JumpCloud representatives, and the user base community at large. The support pages on the website also are typically very well written and strike a nice balance between having the technical information needed, and also being easy to understand for the small business types that might not have as much of a technical background as an IT Admin.
I don't know any of the software in the list, but normally, I used to save logins in Chrome - whether work or private, in separate accounts of course. Chrome stores information, even credit card info in plain text, that is easy to crack. 1Password is a step up, or even, several steps up from there. The Master key is stored in a Google service though, that 1Password gave me in a pdf format, but I consider that safe
Some features would make more sense for us to be bundled by machine, instead of the user. We have fewer machines, and multiple users log into one machine, so doing something like paying per user for services like Patch Management are difficult to warrant the cost. I also feel a more complete package that includes common addon features; Patch Management and Password Manager, would be an improvement. It would also be nice if we could change packages, addons, and other billing services via self-service instead of reaching out to our account manager.
1Password has empowered me to meet the stringent security demands of my organization without having to resort to complex, time-intensive encryption setups to store all of my various credentials. Instead of wasting time on building, configuring, and maintaining such infrastructure, 1Password manages it for me.
1Password's annual subscription pricing model is reasonable, given a great deal of value, it has provided me, both personally and in my business operations. I don't need to invest capital into secure storage infrastructure to ensure that I always have my credentials at my fingertips, and I prefer to have a dedicated, focused security company own the hardware behind this great service.
The fact that I control my 1Password account means that I can get double the use out of it: personal and professional account credentials sit side-by-side in my secure vault. Because I do not need to rely on my internal IT department to provide access, I am confident in storing whatever I need to store.
